FPF:UIMOIBK052 Application Security - Course Information
UIMOIBK052 Application Security
Faculty of Philosophy and Science in Opava, Summer 2024
- Extent and Intensity
- 0/0/0. 4 credit(s). Type of Completion: zk (examination).
- Teacher(s)
- Ing. Vladimír Lazecký (lecturer)
RNDr. Jiří Martinů, Ph.D. (seminar tutor)
RNDr. Šárka Vavrečková, Ph.D. (seminar tutor)
- Guaranteed by
- Ing. Vladimír Lazecký
Institute of Computer Science – Faculty of Philosophy and Science in Opava
- Prerequisites
- Computer Network and Internet
- Course Enrolment Limitations
- The course is also offered to students of fields other than those the course is directly associated with.
- fields of study / plans the course is directly associated with
- Information and communication technologies (programme FPF, MOI)
- Course objectives
- Currently, most applications are developed as web applications. An application that is not properly developed is an easy target for attacks by the hacking community (a term we use here to cover an individual's interest in misusing information, industrial espionage, and espionage as such). Every application should meet at least the following requirements: confidentiality, availability, and integrity. This course focuses primarily on applying security principles in web application development and, more generally, on security at the application layer of the ISO/OSI reference model.
- Learning outcomes
- Students will be able to:
- describe general recommendations based on EU standards;
- summarize the development process of web applications;
- compare and highlight differences in protection against DoS attacks on the seventh layer of the OSI model with protection against DoS attacks on the fourth layer of the OSI model;
- Syllabus
- 1. The legal environment defining application development and application security in the Czech Republic and the EU.
- 2. Development of web applications.
- 3. Web application firewall - why L7 security is as important as an L4 firewall.
- 4. Web application firewall - protection against DoS attacks on L7.
- 5. PCI Security standard framework.
- Literature
- recommended literature
- RFC standards [online].
- The PCI Security Standards Council [online].
- Act No. 101/2000 Coll., on the Protection of Personal Data, as in force from 1 January 2015.
- Act No. 181/2014 Coll., on Cyber Security, and the related implementing regulations.
- National Cyber and Information Security Agency [online]. Available at: https://www.govcert.cz/cs/zkb/legislativa/
- Jirovský, Václav. Kybernetická kriminalita: nejen o hackingu, crackingu, virech a trojských koních bez tajemství. Praha: Grada, 2007. ISBN 978-80-247-1561-2.
- Doseděl, Tomáš. Počítačová bezpečnost a ochrana dat. Brno: Computer Press, 2004. ISBN 80-251-0106-1.
- Teaching methods
- Interactive lectures
Tutorials in computer class
- Assessment methods
- Credit: a practical form of verification of study results. Exam: a written form of verification of study results.
- Language of instruction
- Czech
- Further comments (probably available only in Czech)
The course can also be completed outside the examination period.
Information on the extent and intensity of the course: 10 hours per semester.
- Permalink: https://is.slu.cz/course/fpf/summer2024/UIMOIBK052